How Scoped Storage will boost security on Android Q
Google's mission to boost security will get a major push with the release of Android Q - the next flavor of its mobile OS. The OS, which has not been named yet, will come with several security-focused features, including the capability for limiting the internal storage access of apps. It will be called Scoped Storage, and here's all you need to know about it.
Originally, Android apps had the same level of storage access as regular desktop programs; you could use any app to browse all files, folders. However, since Android 4.4 KitKat, Google imposed restrictions on such access while still maintaining a way to let developers access other system folders for powering some specific features. Scoped Storage changes this, making storage access tighter than ever for developers.
Specifically, the new feature is all about restricting apps and the data they create to a specific sandbox or part of total internal storage. Beyond this sandbox, the app won't have the permissions to access any other part of system storage, at least not by default. This could alleviate privacy and security concerns users may have in regard to the broad reach of apps.
Apps already create sandboxed folders for storing raw files - space that isn't accessed by other apps. However, Scoped Storage will also put the data apps create in a sandboxed folder, masking it completely. Imagine a locked folder for the data of a call-recording app.
By default, apps would save data to their respective sandboxed folders. However, if they need access to other folders to power some functionality (like a File Manager), they'd have to implement special permissions specific to that requirement. Android Q would offer built-in permissions for accessing shared folders like Pictures, but for other folder access, you'll need to implement special custom permissions.
Giving apps their own space to run and store data and enhancing permission control can play a significant role in cutting down malicious activity. Basically, the move, when implemented, would keep malicious third-party apps from getting hold of your personal data. Such apps often end up mining personal information after sneaking into the Play Store by posing as a legit program.
Notably, in order to make their apps Android Q compatible and continue leveraging broad data access, developers would need to switch from using Java APIs to the Storage Access Framework API. However, this might take a while to be enforced into practice completely.